Wireless network having multiple communication allowances

ABSTRACT

Multiple levels of wireless network resource granting. A user who has an authorized key, e.g., an encryption key or a key indicating that they have paid for service, gets a first, better level of access to the network resources. One without the key is granted lesser access, e.g., less total bandwidth, less bandwidth speed, no access to files or the like.

This application claims priority to U.S. Provisional Ser. No. 60/454,694filed Mar. 14, 2003.

FIELD OF INVENTION

Wireless networks are well-known, and may be based, for example, on the802.11 standard. Because the contents of the wireless network can bereceived by anyone with wireless access, security may be achievedthrough encryption of the stream. Anyone with an encryption code can tapinto the network. Those without the encryption code, however, simplycannot decode the wireless stream. In addition, standard networkprotocols may be used, so that not only the encryption code, but also anetwork login, is necessary.

SUMMARY

The present application describes a wireless network, defining aplurality of different classes of service, where the different classesof service include at least a first class of service that includes afirst set of permissions for access to resources, and a second class ofservice which includes a second set of permissions of access toresources.

BRIEF DESCRIPTION OF THE DRAWINGS

These and other aspects will now be described in detail with referenceto the accompanying drawings, in which:

FIG. 1 shows a basic diagram of the networks described herein.

DETAILED DESCRIPTION

Wireless networks have been used for other things besides secure filetransfer. For example, Internet Cafes, and “wireless hot spots” mayinclude the capability of communication to a user's personal laptopwhich is equipped with a wireless card. This may use a network key forthe encryption of the word “public”, or a network key which is given tousers who pay for the service or pay for a drink or food, or without anynetwork key at all. Certain areas such as hotel rooms are often wirelessenabled. However, the communication is typically or totally on, ortotally off; that is either the user is allowed to receive wirelessInternet, or the user is blocked from all communications.

The present system teaches a network with multiple levels of capability,depending on the access credentials possessed by the user. FIG. 1 showsthis being carried out using multiple network cards or NICs. However,the same effect can be obtained with a single NIC. Preferably thenetwork cards are wireless, using one of the features of IEEE 802.11wireless communication protocols.

Different classes of users may be assigned. The first class of users,shown as user 1, are allowed file access to files and information fromthe server. These users may be given the encryption key, here for thefirst NIC 100 here shown as ABCDEF. These users may be allowed thehighest level of access to resources. As conventional users who have thecomplete set of credentials, they are allowed unlimited upload anddownload, and full file access (that is allowed to non-administratorusers). In addition, these users may be allowed the maximum upload anddownload speeds which is given to network users, and to receive alldifferent kinds of Internet and files from all sources.

For example, the amount of access which is provided to these users maybe assigned by the operating system which drives the NICS. For example,if Windows XP is used as the operating system, it may assign NIC 100with unlimited file access.

A second class of users shown as user 2 do not have the credentials,here the encryption key, for the network card 100, and hence use theencryption key “public” and thereby can only communicate with thenetwork card No. 2 shown as 110. Alternatively, these same users maycommunicate using no encryption key at all. The network card 110 allowsonly some subset of the operations that are allowed by the network card100. For example, the user 2 may receive Internet only, and no fileaccess. They may be allowed to print. In addition, the upload anddownload speeds may be limited or severely limited; for example, theInternet may be limited to 1M download speeds and 100K of upload speed.

This system as described above may be usable in an office environment.For example, users who are actually members of the office obtain fileaccess, while visitors only receive print and Internet access.

Another contemplated use is in pay-for-Internet use. The user 1 may paya higher fee than the user 2. For example, user 2 may pay only forlimited Internet, while user 1 may pay for access to resources such asvideo over IP, and higher download speeds from the Internet.

In addition, a third class of users shown as user 3 may be defined.These users communicate only to NIC 120. Note that while this describesusers 1, 2 and 3, any subset of these users may be used, for example asystem may be configured which only communicates with user 1 and user 3.The NIC No. 3 is shown as having no encryption code whatsoever. User 3is limited even further. User 3 may receive only commercial parts of theInternet. In the office environment, this may limit the Internet to webpages describing the office and/or certain intranet sites. In a pay forinternet environment, this may describe the “free” user, who may onlyreceive certain content. User 3 may also receive a severely restrictedbandwidth and/or only a limited quantity of information. For example,the user 3 may be assigned a token which allows them only to receive forexample total of 1 megabytes of download and only to upload 100Kilobytes of upload. This even further limits the user 3.

As described above, the different users in their different classes havedifferent levels of file access, and resource access, resource speed andresource amount.

FIG. 1 shows this being carried out with three different network cardsover the same airspace. Alternatively, the three different networks maybe carried out as part of a single network card; shown as network card130. For example, this may include three network resources which operateon the single card. Alternatively, the three different kinds ofresources may be carried out in software, for example this may becarried out by three different network resource allowances within thesoftware that runs the network card or within the server 99.

Other implementations are within the disclosed embodiment

1. A network transmitting system, comprising: a first networking device,transmitting a first wireless network system from a first location, saidfirst wireless network system requiring a first access criteria in orderto access said first wireless network system, and said first wirelessnetwork system, when accessed using said first access criteria,providing a first level of access to network resources; a secondnetworking device, transmitting a second wireless network system from anarea adjacent said first location, said second wireless network systemcontrolling access without said first access criteria, and providing asecond level of access to network resources in order to access saidsecond wireless network system, wherein said second level of access tonetwork resources provided by said second wireless network system isless access to network resources than provided by said first level ofaccess to network resources provided by said first wireless networksystem.
 2. A system as in claim 1, wherein said first and secondnetworking devices are two separate devices which are physically in asame housing, and transmit over a same area.
 3. A network transmittingsystem as in claim 1, wherein said first level of access provided bysaid first wireless network system provides access to video over IP oversaid first wireless network system, and said second level of accessprovided by said second wireless network system does not provide accessto video over IP over said second wireless network system.
 4. A networktransmitting system as in claim 1, wherein said first level of access tonetwork resources provides a first total amount of data that can betransferred in a specified session, and said second level of access tonetwork resources provides a second total amount of data that can betransferred in a specified session, wherein said second total amount isless than said first total amount.
 5. A network transmitting system asin claim 1, wherein said access criteria is a digital key.
 6. A systemas in claim 5, wherein said second wireless network system allows accessonly based on a second access criteria.
 7. A system as in claim 6,wherein said second access criteria is also a digital key that isdifferent than the first digital key.
 8. A system as in claim 5, whereinsaid digital key is an encryption key that is used to at least one ofencrypt or decrypt a stream of information forming said first wirelessnetwork system.
 9. A system as in claim 1, wherein said access criterialimits access such that only specific Internet pages which can beobtained.
 10. A system as in claim 4, wherein said access is based on atoken that allows only a certain amount of data transfer.
 11. A systemas in claim 1, wherein said first and second levels of access to networkresources provide different levels of all of file access, resourceaccess, resource speed, and resource amount.
 12. A system as in claim 6,further comprising a third networking device, transmitting a thirdwireless network system from an area adjacent said first location,wherein said third networking device operates without either of saidfirst or second access criteria and provides a third level of access toresources which is less access to resources than either of said first orsecond levels of access.
 13. A network transmitting system, comprising:a first networking device, transmitting a first wireless network systemfrom a first location, said first wireless network system sending andreceiving encrypted information in order to access said first wirelessnetwork system, and said first wireless network system providing a firstlevel of access to network resources via said encrypted information; asecond networking device, transmitting a second wireless network systemfrom an area adjacent said first location, said second wireless networksystem not being encrypted, and providing a second level of access tonetwork resources in order to access said second wireless networksystem, wherein said second level of access to network resourcesprovided by said second wireless network system provides less access tonetwork resources than provided by said first level of access to networkresources provided by said first wireless network system.
 14. A systemas in claim 13, wherein said first and second networking devices are twoseparate devices which are physically in a same housing, and transmitover a same area.
 15. A network transmitting system as in claim 13,wherein said first level of access provided by said first wirelessnetwork system provides access to video over IP over said first wirelessnetwork system via said encrypted steam, and said second level of accessprovided by said second wireless network system does not provide accessto video over IP over said second wireless network system via saidunencrypted stream.
 16. A system as in claim 13, further comprising athird networking device, transmitting a third wireless network systemfrom an area adjacent said first location, wherein said third networkingdevice operates without either of said first or second access criteriaand provides a third level of access to resources which is less accessto resources than either of said first or second levels of access.
 17. Anetwork transmitting system, comprising: a first networking device,transmitting a first wireless network system, said first wirelessnetwork system requiring a first access criteria in order to access saidfirst wireless network system, and said first wireless network system,when accessed using said first access criteria, providing a first levelof access to network resources, and providing video over IP access whichcan be accessed using said first access criteria; a second networkingdevice, transmitting a second wireless network system that is a separatenetwork from said first wireless network system, said second wirelessnetwork system controlling access without said first access criteria,and providing a second level of access to network resources in order toaccess said second wireless network system, where said second level ofaccess to network resources does not allow video over IP.
 18. A systemas in claim 17, wherein said first and second networking devices are twoseparate devices which transmit over a same area.
 19. A system as inclaim 17, wherein said second wireless network system allows access onlybased on a second access criteria, different than said first accesscriteria.
 20. A system as in claim 17, wherein said first accesscriteria is an encryption key that is used to at least one of encrypt ordecrypt a stream of information forming said first wireless networksystem.
 21. A system as in claim 19, further comprising a thirdnetworking device, transmitting a third wireless network system, whereinsaid third networking device operates without either of said first orsecond access criteria and provides a third level of access to resourceswhich is less access to resources than either of said first or secondlevels of access.